The recording of attackers' activities in high-interaction honeypots
is one of the methods used to determine what vulnerabilities are being
explored to obtain access to the hosts, to capture new tools of attack
and to understand the motivation that stimulate them to initiate the
attacks.  In this paper, the first real session of attack capturated
and followed with the SMaRT tool is presented and discussed.